subject:"Bug#876328\: marked as done \(asterisk\: CVE\-2017\-14603\: RTP\/RTCP information leak \(AST\-2017\-008\)\)"

Bug#876328: marked as done (asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008))

2017-10-08 Thread Debian Bug Tracking System

Your message dated Sun, 08 Oct 2017 12:02:51 +
with message-id 
and subject line Bug#876328: fixed in asterisk 1:11.13.1~dfsg-2+deb8u4
has caused the Debian Bug report #876328,
regarding asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
876328: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876328
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: asterisk
Version: 1:13.17.1~dfsg-1
Severity: grave
Tags: patch security upstream

Hi,

the following vulnerability was published for asterisk.

CVE-2017-14603[0]:
followup-to AST-2017-005: RTP/RTCP information leak

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14603
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14603
[1] http://downloads.asterisk.org/pub/security/AST-2017-008.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:11.13.1~dfsg-2+deb8u4

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernhard Schmidt  (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 23 Sep 2017 21:07:18 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb 
asterisk-voicemail asterisk-voicemail-imapstorage 
asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql 
asterisk-mobile asterisk-doc asterisk-dev asterisk-dbg asterisk-config
Architecture: source amd64 all
Version: 1:11.13.1~dfsg-2+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: Debian VoIP Team 
Changed-By: Bernhard Schmidt 
Description:
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dbg - Debugging symbols for Asterisk
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the 
Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the 
Asterisk PBX
 asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 876328
Changes:
 asterisk (1:11.13.1~dfsg-2+deb8u4) jessie-security; urgency=high
 .
   * CVE-2017-14603 / AST-2017-008
 This is a follow-up for AST-2017-005: RTP/RTCP information leak
 improving robustness of the security fix and fixing a regression
 with re-INVITEs (Closes: #876328)
Checksums-Sha1:
 f7b53dc6d228b53434310ad18e01f1bf0358c44b 4050 
asterisk_11.13.1~dfsg-2+deb8u4.dsc
 4d883e90f48141c9975bf62764b8d14385e4982b 120088 
asterisk_11.13.1~dfsg-2+deb8u4.debian.tar.xz
 bb28863222954ddbac903a747e7a606d688934bb 148 
asterisk_11.13.1~dfsg-2+deb8u4_amd64.deb
 1d42c8810cd55ddcecaf96d29b63f4b88e1d2ad5 2128016 
asterisk-modules_11.13.1~dfsg-2+deb8u4_amd64.deb
 e0129c6f607c9b10a3c5c129ebc4ea7c312a7271 704006 
asterisk-dahdi_11.13.1~dfsg-2+deb8u4_amd64.deb
 d40c6ed18fd4ca93fecad7dc9845b34ccc1ae781 508316 
asterisk-vpb_11.13.1~dfsg-2+deb8u4_amd64.deb
 f93b6b4fffcc09062f6392d209dc35cbd58e345f 563946 
asterisk-voicemail_11.13.1~dfsg-2+deb8u4_amd64.deb
 504f11349882476129b6bec9e2bfac1fbebb 579936

Bug#876328: marked as done (asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008))

2017-10-07 Thread Debian Bug Tracking System

Your message dated Sat, 07 Oct 2017 11:47:08 +
with message-id 
and subject line Bug#876328: fixed in asterisk 1:13.14.1~dfsg-2+deb9u2
has caused the Debian Bug report #876328,
regarding asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
876328: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876328
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: asterisk
Version: 1:13.17.1~dfsg-1
Severity: grave
Tags: patch security upstream

Hi,

the following vulnerability was published for asterisk.

CVE-2017-14603[0]:
followup-to AST-2017-005: RTP/RTCP information leak

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14603
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14603
[1] http://downloads.asterisk.org/pub/security/AST-2017-008.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:13.14.1~dfsg-2+deb9u2

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernhard Schmidt  (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 23 Sep 2017 21:26:19 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb 
asterisk-voicemail asterisk-voicemail-imapstorage 
asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql 
asterisk-mobile asterisk-doc asterisk-dev asterisk-config
Architecture: source
Version: 1:13.14.1~dfsg-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian VoIP Team 
Changed-By: Bernhard Schmidt 
Description:
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the 
Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the 
Asterisk PBX
 asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 875450 876328
Changes:
 asterisk (1:13.14.1~dfsg-2+deb9u2) stretch-security; urgency=high
 .
   * CVE-2017-14603 / AST-2017-008
 This is a follow-up for AST-2017-005: RTP/RTCP information leak
 improving robustness of the security fix and fixing a regression
 with re-INVITEs (Closes: #876328)
   * Fix one-way audio with chan_sip when transcoding (Closes: #875450)
Checksums-Sha1:
 2977c66a23be109bc4fbe53e5b85fc46638f63d5 4133 
asterisk_13.14.1~dfsg-2+deb9u2.dsc
 3970e2be900e02197c18a09a4e2b3590de5c9a5e 142904 
asterisk_13.14.1~dfsg-2+deb9u2.debian.tar.xz
 35a01eb8ebbe0158edae6e99bdb8af87e6437aa1 26743 
asterisk_13.14.1~dfsg-2+deb9u2_amd64.buildinfo
Checksums-Sha256:
 2e507bdb0d01d9f6d4995aca883f93397c2109a0640e8e74d46fe510c7f0d091 4133 
asterisk_13.14.1~dfsg-2+deb9u2.dsc
 fab80768a606e74b95c4ff4023b9374aebf3558f266c7df46627baacc68e51d3 142904 
asterisk_13.14.1~dfsg-2+deb9u2.debian.tar.xz
 4a62a738b59acf852d56826a1595963800cc01fe70ddad0656a41bca81ee1929 26743 
asterisk_13.14.1~dfsg-2+deb9u2_amd64.buildinfo
Files:
 94f072e4715994f227382b8d5ad82ddd 4133 comm optional

Bug#876328: marked as done (asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008))

2017-09-23 Thread Debian Bug Tracking System

Your message dated Sat, 23 Sep 2017 19:35:06 +
with message-id 
and subject line Bug#876328: fixed in asterisk 1:13.17.2~dfsg-1
has caused the Debian Bug report #876328,
regarding asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
876328: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876328
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: asterisk
Version: 1:13.17.1~dfsg-1
Severity: grave
Tags: patch security upstream

Hi,

the following vulnerability was published for asterisk.

CVE-2017-14603[0]:
followup-to AST-2017-005: RTP/RTCP information leak

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14603
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14603
[1] http://downloads.asterisk.org/pub/security/AST-2017-008.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: asterisk
Source-Version: 1:13.17.2~dfsg-1

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernhard Schmidt  (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 23 Sep 2017 20:41:06 +0200
Source: asterisk
Binary: asterisk asterisk-modules asterisk-dahdi asterisk-vpb 
asterisk-voicemail asterisk-voicemail-imapstorage 
asterisk-voicemail-odbcstorage asterisk-ooh323 asterisk-mp3 asterisk-mysql 
asterisk-mobile asterisk-tests asterisk-doc asterisk-dev asterisk-config
Architecture: source
Version: 1:13.17.2~dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team 
Changed-By: Bernhard Schmidt 
Description:
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-config - Configuration files for Asterisk
 asterisk-dahdi - DAHDI devices support for the Asterisk PBX
 asterisk-dev - Development files for Asterisk
 asterisk-doc - Source code documentation for Asterisk
 asterisk-mobile - Bluetooth phone support for the Asterisk PBX
 asterisk-modules - loadable modules for the Asterisk PBX
 asterisk-mp3 - MP3 playback support for the Asterisk PBX
 asterisk-mysql - MySQL database protocol support for the Asterisk PBX
 asterisk-ooh323 - H.323 protocol support for the Asterisk PBX - ooH323c
 asterisk-tests - internal test modules of the Asterisk PBX
 asterisk-voicemail - simple voicemail support for the Asterisk PBX
 asterisk-voicemail-imapstorage - IMAP voicemail storage support for the 
Asterisk PBX
 asterisk-voicemail-odbcstorage - ODBC voicemail storage support for the 
Asterisk PBX
 asterisk-vpb - VoiceTronix devices support for the Asterisk PBX
Closes: 876328
Changes:
 asterisk (1:13.17.2~dfsg-1) unstable; urgency=high
 .
   * New upstream version 13.17.2~dfsg
 - CVE-2017-14603 / AST-2017-008
   This is a follow-up for AST-2017-005: RTP/RTCP information leak
   improving robustness of the security fix and fixing a regression
   with re-INVITEs (Closes: #876328)
Checksums-Sha1:
 ef0627eddbf392c2780648a5a57759b4446fbb51 4268 asterisk_13.17.2~dfsg-1.dsc
 ab66abe155fa42e6e53ef3db54a8319d31acf3f9 6229408 
asterisk_13.17.2~dfsg.orig.tar.xz
 9cbffc2c2aaadcdce87814235fc0670bf8d7589d 168464 
asterisk_13.17.2~dfsg-1.debian.tar.xz
 4226c68da4a5dd5ce91d3e47e6f13db9b0264710 27353 
asterisk_13.17.2~dfsg-1_amd64.buildinfo
Checksums-Sha256:
 9554380b8410b7c74e99259f08200f2965eea05574d7224fc7ecd4ba506d4e68 4268 
asterisk_13.17.2~dfsg-1.dsc
 64cb6072183cfa635db56206bf7ba1dd761d7e067eaa83edbc23fb3c870bd086 6229408 
asterisk_13.17.2~dfsg.orig.tar.xz
 1641303bbe2fc4ff099d81a126c4fdcb0cc1674939d1234ac422beb30b06 168464 
asterisk_13.17.2~dfsg-1.debian.tar.xz

Bug#876328: marked as done (asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008))

Bug#876328: marked as done (asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008))

Bug#876328: marked as done (asterisk: CVE-2017-14603: RTP/RTCP information leak (AST-2017-008))

3 matches

Site Navigation

Mail list logo

Footer information